Management executives at a major independent computer forensic consulting firm are confused with the forensics methods you used to access network traffic required for computer forensics data acquisition and the procedures by which you handled full content, alert, and session data. They want to be sure that you are following best practices for acquiring digital evidence from a network. More specifically, as you expand your memo to executive management concerning this process, describe your use of hubs, TAPS, in-line devices, and SPAN ports to access network traffic that is a possible threat. You must provide the following to executive management in a paper of 5–7 pages titled “Network-Based Evidence Acquisition Practices.” The paper should include the following elements:
- Headers in memorandum format (To, From, Subject, and Date)
- Introduction to the upcoming practices document
- How you acquire full content, alert, and session network data
- How you use hubs, TAPS, inline devices, and SPAN ports to access network traffic threats
- Conclusion or wrap-up of the best practices
- Reference list in APA format
Ensure that all bullets have comprehensive details provided regarding the acquisition of the identified areas and not necessarily the examination and analysis of this data. The goal of the identified process should be to concentrate on the process of network data acquisition.
Any references used for development of the main body of the paper should be in APA format. All technical assertions in the main body of the paper should have supporting citations and references in APA format.